cancel
Showing results for 
Search instead for 
Did you mean: 

iRule for SameSite Strict attribute

Vishnu2212
Nimbostratus
Nimbostratus

Hi Folks,

I need iRule for setting the samesite = strict attribute and call it in virtual server. I have tried available article but it is not working. SameSite is reflecting as None from the browser developer tool.

 

Here is my iRule.

 

when HTTP_RESPONSE_RELEASE {

 

set samesite_security "strict"

 

 

set cookie_names [HTTP::cookie names]

 

foreach a_cookie $cookie_names {

# Remove any prior instances of SameSite attributes

HTTP::cookie attribute $a_cookie remove {samesite} 

# Insert a new SameSite attribute

HTTP::cookie attribute $a_cookie insert {samesite} $samesite_security

 

}

if {$cookie_debug}{log local0. "[IP::client_addr]:[TCP::client_port]: Set-Cookie header values: [HTTP::header values {Set-Cookie}]"}

}

 

 

 

1 REPLY 1

Have you checked this article as it mentons a bug:

 

 

https://support.f5.com/csp/article/K14225515

 

 

 

Also search the bugtracker for bugs for samesite :

 

 

https://support.f5.com/csp/bug-tracker?sf189923893=1